tukan

187 posts

tukan

@_2can

https://t.co/4wDlqqQzTa

Sumali Ekim 2012

621 Sinusundan832 Mga Tagasunod

Naka-pin na Tweet

tukan@_2can·11 Tem

ptmalloc fanzine episode 05 - thread local caching in glibc malloc tukan.farm/2017/07/08/tca…

English

tukan nag-retweet

offensivecon@offensive_con·22 Eki

Save the date. #Offensivecon25

English

207

29.7K

tukan nag-retweet

Binary Gecko@Binary_Gecko·5 Eyl

Check out our latest post about a vulnerability we disclosed to the Kernel Security Team - “Race conditions in Linux Kernel perf events” binarygecko.com/race-condition…

English

29.3K

tukan nag-retweet

Binary Gecko@Binary_Gecko·28 Ağu

Check out our latest blog post “Sky’s the Limit – Quick Analysis and Exploitation of a Chrome ipcz TOCTOU Vulnerability” binarygecko.com/skys-the-limit…

English

14.1K

tukan nag-retweet

Gyorgy Miru (Gym)@gymiru·27 Oca

What is the limit of an employer owning your results? When I left TASZK I expected to not receive credit for my unpublished work. It was surprising to see my name erased from old articles.The reason why I write this post is my exemployer personally taking credit for my research/4

Daniel Komaromy@kutyacica

Looks like Samsung Mobile Security selected me as the #1 researcher for their 2023 Rewards Program Hall of Fame. Appreciate that, thank you! security.samsungmobile.com/hallOfFameInfo…

English

16.9K

tukan nag-retweet

Halvar Flake@halvarflake·2 Ara

If the discussion about the future of humanity is Eliezer Yudkowski on one side and Marc Andreessen‘s manifesto on the other, we should without hesitation choose extinction.

English

5.5K

tukan nag-retweet

Blue Frost Security@bluefrostsec·13 Kas

Slides and PoC for our Ekoparty presentation "I'm High" by @NicoEconomou: labs.bluefrostsecurity.de/windows-system…

English

14.6K

tukan nag-retweet

Blue Frost Security@bluefrostsec·12 Haz

CVE-2023-2008 - Analyzing and exploiting a bug in the udmabuf driver by @dialluvioso_ and @esanfelix labs.bluefrostsecurity.de/blog/cve-2023-…

English

128

22.5K

tukan nag-retweet

Blue Frost Security@bluefrostsec·6 Haz

We've been asked to share the kernel challenge we had at OffensiveCon. You can download it at static.bluefrostsecurity.de/files/lab/bfsm… and give it a try. It was meant to be solved live at the conference, but apparently the noisy environment and german keyboard layout made it too hard :').

English

119

22.6K

tukan nag-retweet

n30m1nd@n30nfluke·17 May

I wrote something on the @ExodusIntel blog 🙂 blog.exodusintel.com/2023/05/16/goo…

English

228

35.6K

tukan nag-retweet

Blue Frost Security@bluefrostsec·17 Nis

Revisiting CVE-2017-11176: Introduction to Android/Linux kernel exploitation by @Firzen14 labs.bluefrostsecurity.de/revisiting-cve…

English

113

26.6K

tukan nag-retweet

Blue Frost Security@bluefrostsec·25 Oca

We are growing our browser vulnerability research team! Full time Chrome research, flexible hours, huge bonuses and fun retreats. Contact us at: careers(at)bluefrostsecurity(dot)de

English

23.2K

tukan nag-retweet

offensivecon@offensive_con·14 Ara

#OffensiveCon23 CFP is now officially open! cfp.offensivecon.org Don't wait until the last minute to submit!

English

tukan nag-retweet

KT@koczkatamas·29 Kas

We've disclosed two remotely exploitable Linux kernel bugs in the Bluetooth stack: one infoleak and one UAF. More information here: github.com/google/securit… and here: github.com/google/securit… (cc @theflow0)

English

187

576

tukan nag-retweet

Blue Frost Security@bluefrostsec·16 Ağu

New blog post released! Windows Segment Heap: Attacking the VS Allocator by @_vepe labs.bluefrostsecurity.de/blog.html/2022…

English

237

tukan@_2can·19 Tem

@NikitaTarakanov @pwn_expoit Last I looked PAC in Chromium was limited to the pac-ret mode (only return addresses protected), so also easy?

English

ohjin@pwn_expoit·19 Tem

#L132" target="_blank" rel="nofollow noopener">github.com/chromium/chrom… ''' arm_control_flow_integrity = "standard" '''

English

tukan nag-retweet

Taszk Security Labs@TaszkSecLabs·23 Haz

Video and slides for “UnZiploc”: labs.taszk.io/articles/post/… In our new OTA exploitation research on Huawei phones we explored remote interfaces to get RCE and escalate to TrustZone using logic bugs only.

English

165

tukan nag-retweet

Ange@angealbertini·1 Nis

Please RT - I have no job next: I was told that my request was likely to succeed, and I have custody of my kids, so I can't "return to the office" as I'm expected.

Ange@angealbertini

It's a great date to have your request to work remotely rejected because it's "not aligned with your team or organisation" even if the whole team and hierarchy is working in different locations or countries. I'm looking for a WFH position, starting June: file formats, RE, fuzzing

English

tukan nag-retweet

Blue Frost Security@bluefrostsec·1 Mar

Want a chance to join BFS as a vulnerability researcher and enjoy a full time remote position, with a competitive base salary, cash bonuses and amazing fun retreats? Try out a light challenge to begin your journey! labs.bluefrostsecurity.de/blog.html/2022…

English

tukan@_2can·11 Ara

@b1ack0wl @b1ack0wl DESTROYS memory corruption exploits with FACTS and LOGIC.

English

b1ack0wl@b1ack0wl·11 Ara

LOGic flaws > memory corruption

English

Tuklasin

@NicoEconomou @dialluvioso_ @esanfelix @ExodusIntel @Firzen14 @theflow0 @_vepe @NikitaTarakanov